#!/bin/bash # # Hetzner IP Ranges - iptables/ipset rules # ASN: AS24940 # Generated: 2025-12-15 # Source: ScaniteX (https://scanitex.com) # # Usage: chmod +x this_script.sh && sudo ./this_script.sh # # Create IPv4 ipset ipset create hetzner_v4 hash:net -exist ipset flush hetzner_v4 # Add IPv4 ranges ipset add hetzner_v4 185.216.237.0/24 ipset add hetzner_v4 162.55.0.0/16 ipset add hetzner_v4 178.63.0.0/16 ipset add hetzner_v4 185.189.230.0/24 ipset add hetzner_v4 91.190.240.0/21 ipset add hetzner_v4 178.212.75.0/24 ipset add hetzner_v4 176.9.0.0/16 ipset add hetzner_v4 171.25.225.0/24 ipset add hetzner_v4 185.157.176.0/23 ipset add hetzner_v4 188.40.0.0/16 ipset add hetzner_v4 46.224.0.0/15 ipset add hetzner_v4 5.9.0.0/16 ipset add hetzner_v4 194.42.180.0/22 ipset add hetzner_v4 194.62.106.0/24 ipset add hetzner_v4 144.76.0.0/16 ipset add hetzner_v4 185.107.52.0/22 ipset add hetzner_v4 185.189.229.0/24 ipset add hetzner_v4 23.88.0.0/17 ipset add hetzner_v4 78.138.62.0/24 ipset add hetzner_v4 188.245.0.0/16 ipset add hetzner_v4 65.109.0.0/16 ipset add hetzner_v4 193.110.6.0/23 ipset add hetzner_v4 185.189.231.0/24 ipset add hetzner_v4 216.55.108.0/22 ipset add hetzner_v4 65.108.0.0/16 ipset add hetzner_v4 65.21.0.0/16 ipset add hetzner_v4 138.201.0.0/16 ipset add hetzner_v4 185.189.228.0/24 ipset add hetzner_v4 213.133.96.0/19 ipset add hetzner_v4 188.34.128.0/17 ipset add hetzner_v4 91.98.0.0/16 ipset add hetzner_v4 167.235.0.0/16 ipset add hetzner_v4 91.99.0.0/16 ipset add hetzner_v4 195.60.226.0/24 ipset add hetzner_v4 197.242.84.0/22 ipset add hetzner_v4 204.29.146.0/24 ipset add hetzner_v4 148.251.0.0/16 ipset add hetzner_v4 185.157.83.0/24 ipset add hetzner_v4 37.27.0.0/16 ipset add hetzner_v4 168.119.0.0/16 ipset add hetzner_v4 49.13.0.0/16 ipset add hetzner_v4 5.75.128.0/17 ipset add hetzner_v4 185.126.28.0/22 ipset add hetzner_v4 136.243.0.0/16 ipset add hetzner_v4 213.239.192.0/18 ipset add hetzner_v4 49.12.0.0/16 ipset add hetzner_v4 88.198.0.0/16 ipset add hetzner_v4 201.131.3.0/24 ipset add hetzner_v4 94.130.0.0/16 ipset add hetzner_v4 185.213.45.0/24 ipset add hetzner_v4 116.202.0.0/16 ipset add hetzner_v4 116.203.0.0/16 ipset add hetzner_v4 91.107.128.0/17 ipset add hetzner_v4 142.132.128.0/17 ipset add hetzner_v4 157.180.0.0/17 ipset add hetzner_v4 185.228.8.0/23 ipset add hetzner_v4 195.201.0.0/16 ipset add hetzner_v4 159.69.0.0/16 ipset add hetzner_v4 194.42.184.0/22 ipset add hetzner_v4 128.140.0.0/17 ipset add hetzner_v4 185.226.99.0/24 ipset add hetzner_v4 135.181.0.0/16 ipset add hetzner_v4 88.99.0.0/16 ipset add hetzner_v4 95.216.0.0/16 ipset add hetzner_v4 138.199.128.0/17 ipset add hetzner_v4 139.28.242.0/23 ipset add hetzner_v4 185.50.120.0/23 ipset add hetzner_v4 45.145.227.0/24 ipset add hetzner_v4 185.12.65.0/24 ipset add hetzner_v4 195.248.224.0/24 ipset add hetzner_v4 95.217.0.0/16 ipset add hetzner_v4 85.10.192.0/18 ipset add hetzner_v4 46.62.128.0/17 ipset add hetzner_v4 185.171.224.0/22 ipset add hetzner_v4 45.15.99.0/24 ipset add hetzner_v4 77.42.0.0/17 ipset add hetzner_v4 167.233.0.0/16 ipset add hetzner_v4 193.163.198.0/24 ipset add hetzner_v4 78.46.0.0/15 ipset add hetzner_v4 46.4.0.0/16 ipset add hetzner_v4 185.157.178.0/23 ipset add hetzner_v4 157.90.0.0/16 # Create IPv6 ipset ipset create hetzner_v6 hash:net family inet6 -exist ipset flush hetzner_v6 # Add IPv6 ranges ipset add hetzner_v6 2a01:4ff:ff01::/48 ipset add hetzner_v6 2a11:e980::/29 ipset add hetzner_v6 2a12:2240::/29 ipset add hetzner_v6 2a06:be80::/29 ipset add hetzner_v6 2a01:4f8::/32 ipset add hetzner_v6 2a01:4f9::/32 # Apply iptables rules (uncomment to use) # iptables -A INPUT -m set --match-set hetzner_v4 src -j ACCEPT # iptables -A INPUT -m set --match-set hetzner_v4 src -j DROP # ip6tables -A INPUT -m set --match-set hetzner_v6 src -j ACCEPT # ip6tables -A INPUT -m set --match-set hetzner_v6 src -j DROP echo "IP ranges for Hetzner loaded successfully!" echo "IPv4 ranges: 82" echo "IPv6 ranges: 6"